US20050133582A1 - Method and apparatus for providing a trusted time stamp in an open platform - Google Patents
- Publication number
- US20050133582A1 (application no. US 10/744,120)
- Authority
- US
- United States
- Prior art keywords
- time
- trusted
- time estimate
- estimate
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
- G06F21/725: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity (G06F21/00); protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer (G06F21/70), to assure secure computing or processing of information (G06F21/71), in cryptographic circuits (G06F21/72), operating on a secure reference time value (G06F21/725). Section G (Physics), class G06 (Computing; calculating or counting), subclass G06F (Electric digital data processing).
- G06F21/57: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems (G06F21/50); certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities (G06F21/57). Section G, class G06, subclass G06F.
- G06Q20/00: Payment architectures, schemes or protocols. Section G, class G06, subclass G06Q (Information and communication technology [ICT] specially adapted for administrative, commercial, financial, managerial or supervisory purposes; systems or methods specially adapted for administrative, commercial, financial, managerial or supervisory purposes, not otherwise provided for).
- G06Q20/389: Payment protocols; details thereof (G06Q20/38); keeping a log of transactions for guaranteeing non-repudiation of a transaction (G06Q20/389). Under G06Q20/00.
- G06F2221/2151: Time stamp. Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity (G06F2221/00), relating to G06F21/00 and subgroups addressing additional information or applications (G06F2221/21).
- G06F2221/2153: Using hardware token as a secondary aspect. Same indexing scheme (G06F2221/21).
Definitions
- An embodiment of the present invention relates to the field of computing systems and, more particularly, to providing a trusted time stamp on an open platform such as, for example, a computing system.
- Time stamps may be used for a variety of different types of applications. For some applications such as, for example, online banking and/or stock trading, the accuracy and reliability of a time stamp may be critical to ensuring the trustworthiness of the application.
- Embodiments of the present invention are illustrated by way of example and not limitation in the figures of the accompanying drawings, in which like references indicate similar elements:
- FIG. 1 is a high-level block diagram of a computing system via which the trusted time stamp capabilities of various embodiments may be implemented.
- FIG. 2 is a high-level block diagram of a computing system and associated software that may be used for various embodiments, including an illustration of exemplary protected paths and partitions.
- FIG. 3 is a diagram showing protected and open partitions and associated software modules for one embodiment.
- FIG. 4 is a flow diagram showing a method of one embodiment for providing a trusted time stamp.
- A method and apparatus for providing a trusted time stamp on an open platform is described. In the following description, particular components, software modules, systems, etc. are described for purposes of illustration. It will be appreciated, however, that other embodiments are applicable to other types of components, software modules and/or systems.
- References to "one embodiment," "an embodiment," "example embodiment," "various embodiments," etc., indicate that the embodiment(s) of the invention so described may include a particular feature, structure, or characteristic, but not every embodiment necessarily includes that feature, structure, or characteristic. Further, repeated use of the phrase "in one embodiment" does not necessarily refer to the same embodiment, although it may.
- For one embodiment, a trusted application initiates a request for a trusted time stamp. A time estimate is then read from a trusted source of time, and an attestation process is performed to produce a signed time response. The signed time response is provided to the requesting application as the trusted time stamp.
- Embodiments of the invention may be implemented in one or a combination of hardware, firmware, and software. Embodiments of the invention may also be implemented in whole or in part as instructions stored on a machine-readable medium, which may be read and executed by at least one processor to perform the operations described herein.
- A machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer).
- For example, a machine-readable medium may include read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other forms of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.); and others.
- As used herein, protected or trusted areas, paths and/or ports refer to areas of a device, or paths between devices, that have sufficient protections associated with them to prevent access by most, if not all, unauthorized devices and/or software. Examples of such protections are provided in the description that follows.
- Trusted software or code refers to software that has been validated by some means to verify that it has not been altered in an unauthorized manner before execution.
- An open platform is a platform for which code may be written using well-known interface specifications. Examples of open platforms include most personal, workstation, server and enterprise computing systems, personal digital assistants, etc. In contrast, computing platforms such as contemporary cellular phones, GPS receivers, etc. do not lend themselves to widespread application development using well-known interface specifications; such platforms may be referred to as "closed," restricted or proprietary computing platforms.
- FIG. 1 is a block diagram of a computing system 100 that may advantageously implement the trusted time stamp capabilities of one or more embodiments.
- For one embodiment, the computing system 100 may be a mobile computing system such as a notebook or laptop computer.
- For other embodiments, the computing system 100 may be a different type of computing system such as a desktop computer, a workstation computer, a personal digital assistant, or another type of computing device.
- A battery and/or battery connector 101 may be included and coupled to the system 100 in a conventional manner to provide an alternate power source for the computing system 100 when, for example, an alternating current power source is not available or convenient.
- For one embodiment, the computing system 100 includes a central processing unit (CPU or processor) 105 coupled to a memory control hub (MCH) or other memory controller 110 via a processor bus 115; a main memory 120, which may comprise, for example, random access memory (RAM) or another type of memory, coupled to the MCH 110 over a memory bus 125; one or more trusted graphics components 130 coupled to the MCH 110 over a graphics bus 135 or integrated with another component in the system 100; and an input/output (I/O) control hub (ICH) or other I/O controller 140, which may be coupled to the MCH 110 over a bus 145.
- The memory controller (or MCH) 110 and the I/O controller (or ICH) 140 may be referred to collectively as the chipset.
- The chipset may be a logic circuit that provides an interface between the processor 105, the memory 120, and other devices.
- For one embodiment, the chipset is implemented as one or more individual integrated circuits as shown in FIG. 1, but for other embodiments the chipset may be implemented as a portion of a larger integrated circuit or as parts of multiple other integrated circuits. Further, other capabilities, such as graphics control, may be provided within the chipset. Although individually labeled herein as a memory controller and an I/O controller, these labels should not be read as a limitation on how the chipset features may be physically implemented.
- The processor 105 of one embodiment may be an Intel architecture microprocessor that implements a technology, such as Intel Corporation's LaGrande technology (also referred to herein as LT), that provides for protected execution along with other security-oriented features. Some details of LaGrande technology may currently be found, for example, at http://www.extremetech.com/article2/0,3973,1274197,00.asp.
- For other embodiments, the CPU 105 may be another type of processor such as, for example, an embedded processor, a digital signal processor, or a microprocessor from a different source, having a different architecture or implementing a different security technology, and/or more than one processor may be included.
- For one embodiment, the processor 105 may include an execution unit 146, page table (PT) registers 148, one or more on-chip and/or off-chip cache memories 150, and a software monitor 151.
- All or part of the cache memory 150 may include, or be convertible to, protected memory 152.
- Protected memory, as described above, is memory with sufficient protections to prevent access to it, in most cases, by an unauthorized device (e.g., any device other than the associated processor 105) while it is activated as protected memory.
- The cache memory 150 may have various features to permit its selective isolation as protected memory.
- The protected memory 152 may alternatively or additionally be external to and separate from the cache memory 150 for some embodiments, but still associated with the processor 105.
- The PT registers 148 may be used to implement a table that identifies which memory pages are to be accessible only by trusted code and which memory pages are not to be so protected.
- The trusted software (S/W) monitor 151 may monitor and control the overall protected operating environment once that environment has been established.
- For other embodiments, the software monitor may alternatively be provided on the memory controller 110 or elsewhere in the system 100.
- The trusted S/W monitor 151 may be located in a protected memory such as the memory 152 so that it is itself protected from unauthorized alteration.
- The processor 105 may further be capable of executing instructions that provide for protected execution of trusted software.
- For example, the execution unit 146 may be capable of executing instructions that isolate open and protected partitions in on-chip memory (e.g. the cache memory 150) and off-chip memory (e.g. the main memory 120) and that control software access to protected memory.
- The MCH 110 of one embodiment may provide additional memory protection to block device accesses (e.g. DMA accesses) to protected memory pages.
- This additional memory protection may operate in parallel with the execution of the above-described instruction(s) by the CPU 105, which control software access to both on-chip and off-chip protected memory in order to mitigate software attacks.
- For one embodiment, the MCH 110 may include protected registers 162 and a protected memory table 164.
- The protected registers 162 are registers that are writable only by commands that may be initiated only by trusted microcode (not shown) in the processor 105.
- Protected microcode is microcode whose execution may only be initiated by authorized instruction(s) and/or by hardware that is not controllable by unauthorized devices.
- The protected registers 162 may hold data that identifies the locations of, and/or controls access to, the protected memory table 164 and the trusted S/W monitor 151.
- For example, the protected registers 162 may include a register to enable or disable the use of the protected memory table 164, so that DMA protections may be activated before entering a protected operating environment and deactivated after leaving it.
- The protected registers 162 may also include a writable register to identify the location of the protected memory table 164, so that the location does not have to be hardwired into the chipset.
- The protected registers 162 may further store the temporary location of the trusted S/W monitor 151 before it is placed into protected locations of memory, so that it may be located for transfer when the protected operating environment provided by the system 100 is initialized.
- The protected registers 162 may also include an execution start address of the trusted S/W monitor 151 after its transfer into memory, so that execution may be transferred to the trusted S/W monitor 151 after initialization of the protected operating environment.
- The protected memory table 164 may define the memory blocks (where a memory block is a range of contiguously addressable memory locations) in the memory 120 that are to be inaccessible to direct memory access (DMA) transfers and/or to other untrusted sources. Since all accesses to the memory 120 are managed by the MCH 110, the MCH 110 may check the protected memory table 164 before permitting any DMA or other untrusted transfer to take place.
- For one embodiment, the protected memory table 164 may be implemented as a table of bits, with each bit corresponding to a particular memory block in the memory 120.
- The memory blocks protected from DMA transfers by the protected memory table 164 may be the same memory blocks restricted to protected processing by the PT registers 148 in the processor 105.
- The main memory 120 may include both protected 154 and open 156 memory pages or partitions. Access to protected pages or partitions 154 in the memory 120 is limited by the CPU 105 and/or the MCH 110 to specific trusted software and/or components as described in more detail herein, while access to open pages or partitions in the memory 120 is according to conventional techniques.
- For some embodiments, the main memory 120 may further include a protected memory table 158.
- For one embodiment, the protected memory table is implemented in the MCH 110 as the protected memory table 164 described above, and the protected memory table 158 may be eliminated.
- For another embodiment, the protected memory table is implemented as the protected memory table 158 in the memory 120, and the protected memory table 164 may be eliminated.
- The protected memory table may also be implemented in other ways not shown. Regardless of its physical location, the purpose and basic operation of the protected memory table may be substantially as described.
- A trusted source of time 165 may also be coupled to the I/O control hub 140 or to another component of the system 100.
- For one embodiment, the trusted source of time 165 may be provided by an independent clock chip such as, for example, the CK408 spread spectrum differential system clock generator available from Philips Semiconductors of Eindhoven, The Netherlands. Other clock chips may instead be used to provide the trusted source of time 165.
- For other embodiments, the trusted source of time 165 may be a composite mechanism that includes one or more of the following elements: a GPS (global positioning system) receiver, a module to synchronize time over a network, and one or more radio frequency (RF) transceivers dedicated to time synchronization.
- The trusted source of time 165 may be selected to meet predetermined minimum requirements on the accuracy of the time it reports. In whatever form the source of time is provided, it is considered a trusted source of time because it is coupled to the I/O controller 140 or other element of the system 100 via a trusted path to mitigate software and/or hardware attacks, as described herein in reference to other components and their associated trusted paths.
- The trusted path between the source of time 165 and other components of the system 100 may be provided as described in one or more of the copending U.S. patent applications referenced above, or in copending U.S. patent application Ser. No. 10/609,828 entitled "Trusted Input for Mobile Platforms Transactions," filed Jun. 20, 2003, Attorney Docket Number 42.P16205, to D. Poisner and assigned to the assignee of the present invention. By providing a trusted path, the mechanism used to measure, maintain and report time is made tamper-resistant against a malicious agent trying to affect any related processes.
- A function of the trusted source of time 165 is to provide a reliable estimate of time when requested.
- For one embodiment, the ICH 140 may be coupled to both an external keyboard 166 and an internal keyboard 168.
- For other embodiments, only one of the external and internal keyboards may be provided.
- A secure or trusted path between the external 166 and/or internal keyboard 168 and trusted software may be provided to protect the trusted partition of the system 100 from untrusted inputs and/or other types of attacks.
- For one embodiment, this secure path may be in accordance with, for example, copending patent application Ser. No. 10/609,828 entitled "Trusted Input for Mobile Platforms Transactions," filed Jun. 30, 2003 and assigned to the assignee of the present invention.
- A radio 170, which may be part of a wireless local or wide area network (WLAN or WWAN) or other wireless networking card, may also be coupled to the ICH 140 to provide wireless connectivity over a wireless network 172, which may be operated/serviced by a telephone company (telco) or other service provider and/or may be used by a service provider to provide services to the computing system 100.
- A server operated by the service provider, such as the server 174, may couple to the computing system 100 over the wireless network 172 via the radio 170.
- The network 172 may be a GSM/GPRS (Global System for Mobile communications/General Packet Radio Service) network, for example.
- Other types of wireless network protocols such as, for example, CDMA (Code Division Multiple Access), PHS (Personal Handyphone System), 3G (third generation) networks, etc. are also within the scope of various embodiments.
- A hardware token such as a Trusted Platform Module (TPM) 176, which may be in accordance with a currently available or future revision of the TPM specification (currently version 1.1, available from the Trusted Computing Platform Alliance (TCPA), and version 1.2 from the Trusted Computing Group (TCG)), may also be coupled to the ICH 140 over, for example, a low pin count (LPC) bus 178.
- The TPM 176 may be provided to protect data related to creating and maintaining a protected operating environment and is associated directly with the computing platform 100. In other words, the hardware token 176 is not moved from system to system.
- For one embodiment, the hardware token 176 is a discrete hardware device that may be implemented, for example, using an integrated circuit.
- For other embodiments, the hardware token 176 may be virtualized, i.e. it may not be provided by a physically separate hardware chip on the motherboard but may instead be integrated into another chip, or the capabilities associated with a TPM or other hardware token as described herein may be implemented in another manner.
- The TPM 176 of one embodiment may include one or more non-volatile storage areas to store an endorsement key (EK) 180 and/or other keys associated with the system 100.
- The EK may be a public/private key pair. The private component of the key pair is generated within the TPM 176 and is not exposed outside the TPM 176.
- The EK is unique to the particular TPM and, therefore, to the particular platform to which the TPM is coupled.
- The TPM 176 of one embodiment may further include a hash engine 182 to compute hash values of small pieces of data, platform configuration register(s) (PCRs) 184 to store platform-specific information, and certificates 186.
- The certificates 186 may include, for example, one or more of: an endorsement certificate, which contains the public key of the EK and attests that the TPM 176 is genuine and the EK is protected; a platform certificate, which may be provided by the platform vendor to attest that the security components of the platform are genuine; and a conformance certificate, which may be provided by the platform vendor or an evaluation lab to provide attestation by an accredited party as to the security properties of the platform.
- Other elements such as, for example, a cryptographic engine (not shown), digital signature capabilities (not shown), a hardware random number generator (not shown), monotonic counters (not shown), etc. may also be included in the hardware token 176 for various embodiments.
- Although the trusted source of time 165 is shown in FIG. 1 as a standalone component/element, for some embodiments the trusted source of time may be integrated with the hardware token or with another component of the computing system 100.
- A hard disk drive (HDD) and associated storage media and/or other mass storage device 188 may also be coupled to the ICH 140. While only one mass storage block 188 is shown in FIG. 1, it will be appreciated that multiple mass storage devices of various types may be used to implement the mass storage device (media) 188. Further, additional or alternative storage devices may be accessible by the computing system 100 over the network 172, or over another network 185 that may be accessed via a network card, modem or other wired communications device 189, for example.
- The computing system 100 may further run an operating system 190 that provides open and protected partitions for software execution.
- For one embodiment, the operating system 190 may be provided by Microsoft Corporation of Redmond, Wash., and may incorporate Microsoft's Next-Generation Secure Computing Base (NGSCB) technology.
- The operating system 190 is shown as being stored on the mass storage device 188, but all or part of the operating system 190 may be stored in another storage device on or accessible by the computing system 100.
- The computer-accessible storage medium 188 of one embodiment may further store one or more trusted applications 192, an attestation agent 194 and/or a trusted time access module (TTAM) 196.
- The attestation agent 194 and/or the trusted time access module 196 may be provided as part of the operating system 190 software, as standalone modules, or as part of another software module such as application software.
- The attestation agent 194 is responsible for associating a time estimate provided by the trusted source of time 165 with a particular process, thread, or event executing in a trusted environment on the platform 100, where the process/thread/event may be associated with the trusted application requesting the time stamp.
- In this way, the attestation agent 194 provides proof that the trusted process and the trusted time estimate were both generated by the same trusted platform within the intended context.
- The trusted time access module 196 responds to a request from a trusted application for a trusted time stamp by reading a time estimate, calling the attestation agent, and forwarding the signed response (or time stamp) to the requesting application.
- For other embodiments, the modules 192, 194 and/or 196 may be stored in another data store associated with or accessible by the computing system 100.
- FIG. 2 shows, at a high level, various trusted paths and partitions that may be provided in the computing system 100 of one exemplary embodiment when a trusted execution environment has been established and the software modules shown are being executed by the processor 105.
- The trusted areas are shaded in FIG. 2, and some of the trusted paths and ports are identified.
- For other embodiments, different trusted paths and partitions may be provided, and not all of the trusted paths and partitions shown in FIG. 2 need be provided.
- FIG. 3 is a high-level conceptual drawing showing various partitions that may be provided by the operating system 190 of FIG. 1 when a secure operating environment has been established, for one embodiment.
- An open or standard partition 305 provided by the operating system 190 runs the main operating system, drivers, applications 310 and associated APIs.
- A protected partition 315 includes a protected operating system kernel 316 and trusted applets or applications such as the trusted applications 192.
- Associated API(s) may also be included. Security features such as those described herein may be accessible to software developers through various APIs, for example.
- Other platform architectures and/or operating system architectures that provide for protected storage, protected execution and protected input/output as described herein may also be used for various embodiments.
- For one embodiment, trusted time stamp capabilities are provided on an open platform such as the computing platform 100 of FIG. 1.
- A method of one embodiment for providing a trusted time stamp is described in reference to FIGS. 1, 2, 3 and 4.
- FIG. 4 is a flowchart showing an exemplary method of one embodiment for providing a trusted time stamp on an open platform. In describing the method of FIG. 4, reference may be made to FIGS. 1, 2 and/or 3 for purposes of illustration. It will be appreciated, however, that the software and/or hardware modules referenced may not necessarily be used to perform the described actions for all embodiments.
- A trusted application running in a trusted environment, such as the trusted environment that may be established on the computing system 100 of FIG. 1, initiates a request for a trusted time stamp.
- Applications that may advantageously use the trusted time stamp capabilities of various embodiments include, for example, online banking or purchasing applications, applications that authorize use of sensitive resources, online voting applications, time keeping applications for competitive sports or gaming, data logging and synchronization applications, general purpose secure remote control (e.g. locking/unlocking a home or car), electronic cash transactions, etc.
- A time estimate may then be read from the trusted source of time over a trusted path.
- For one embodiment, the trusted time access module 196 receives the request for the time stamp and accesses the trusted source of time 165 to read the time estimate.
- An attestation process may then be performed. This may involve calling an attestation agent at block 415.
- For one embodiment, the trusted time access module 196 calls the attestation agent 194.
- Attestation may be accomplished by digitally signing a digest value of the piece of data that is to be attested.
- The digest value may be synthesized by combining various other elements with the original data to be attested. Examples of such elements may include, but are not limited to, hash values of the platform hardware/software configuration, other credentials, one-time nonce values, etc. A fresh nonce supplied with the request binds the signed response to that request, so that a previously signed time response cannot be replayed for a later transaction.
- For one embodiment, the attestation agent sends the time estimate, and possibly other application-specific identifiers, to the TPM or other hardware token 176 with a request for attestation.
- The TPM 176 may sign the time estimate and concatenate a hash of certain platform configuration parameters and/or other credentials that uniquely identify the platform.
- For one embodiment, the hashing engine 182 performs the hash using platform configuration parameters stored in the platform configuration register(s) 184 and/or credentials generated using the EK (endorsement key) or another key 180.
- The signed response, including associated credentials and/or other information, is sent back to the attestation agent 194, and at block 435 the attestation agent 194 forwards the signed response and associated credentials and/or other information back to the trusted time access module 196.
- The other information may include information that associates the signed response with the requesting application, thread, event or transaction.
- Where the trusted source of time is integrated with the hardware token (as described above), the attestation mechanism/module may partially or completely execute within the integrated device.
- The trusted time access module then forwards the signed response to the trusted application, at which point the signed response is used to provide the requested trusted time stamp.
- The trusted application may then associate the trusted time stamp with the particular transaction or event that it intends to time stamp.
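The flow from the application's request through the attestation step and back, as an added example rather than code from the patent: a Go model in which the hardware token holds an ECDSA attestation key and four PCRs, the trusted time access module reads the time estimate, and the token signs a digest that binds the time to a requester nonce, an application identifier and the PCR digest. A relying party then verifies the stamp. The type and function names, the choice of ECDSA P-256 (a real TPM would sign with a key certified through its EK and the platform credentials), the digest layout, and the measurement strings are all assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// tpm stands in for hardware token 176: an attestation key whose private half never
// leaves the struct, plus four PCRs (184). Names and digest layout are example assumptions.
type tpm struct {
	key  *ecdsa.PrivateKey
	pcrs [4 * 32]byte // four SHA-256 PCRs stored back to back
}

func newTPM() (*tpm, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &tpm{key: key}, nil
}

// extend folds a measurement into a PCR as TPMs do: pcr = H(pcr || measurement).
func (t *tpm) extend(idx int, measurement []byte) {
	pcr := t.pcrs[idx*32 : (idx+1)*32]
	sum := sha256.Sum256(append(append([]byte{}, pcr...), measurement...))
	copy(pcr, sum[:])
}

// pcrDigest is the "hash of platform configuration parameters" (hash engine 182).
func (t *tpm) pcrDigest() [32]byte { return sha256.Sum256(t.pcrs[:]) }

// TimeStamp is the signed time response handed back to the trusted application.
type TimeStamp struct {
	Unix      int64    // time estimate read from the trusted source of time
	Nonce     [16]byte // one-time value chosen by the requester
	AppID     string   // application/transaction identifier added by the agent
	PCRDigest [32]byte // platform configuration the token signed over
	Sig       []byte   // ECDSA signature (ASN.1 DER) over digest(...)
}

// digest builds the signed value; fixed-width or length-prefixed fields cannot collide.
func digest(unix int64, nonce [16]byte, appID string, pcr [32]byte) []byte {
	var hdr [16]byte // 8-byte time, 8-byte length of appID
	binary.BigEndian.PutUint64(hdr[:8], uint64(unix))
	binary.BigEndian.PutUint64(hdr[8:], uint64(len(appID)))
	msg := append(append(append(hdr[:], nonce[:]...), pcr[:]...), appID...)
	sum := sha256.Sum256(msg)
	return sum[:]
}

// attest is the token's share of blocks 415-435: sign the time estimate bound to the
// requester nonce, the application context and the current PCR state.
func (t *tpm) attest(unix int64, nonce [16]byte, appID string) (TimeStamp, error) {
	pcr := t.pcrDigest()
	sig, err := ecdsa.SignASN1(rand.Reader, t.key, digest(unix, nonce, appID, pcr))
	if err != nil {
		return TimeStamp{}, err
	}
	return TimeStamp{Unix: unix, Nonce: nonce, AppID: appID, PCRDigest: pcr, Sig: sig}, nil
}

// requestTrustedTimeStamp plays module 196: read source 165 (a function here, so the
// example runs offline) and hand the estimate to the attestation step.
func requestTrustedTimeStamp(src func() int64, t *tpm, appID string, nonce [16]byte) (TimeStamp, error) {
	return t.attest(src(), nonce, appID)
}

// verify is the relying party's check: freshness, expected platform state, then signature.
func verify(pub *ecdsa.PublicKey, ts TimeStamp, wantNonce [16]byte, wantPCR [32]byte) error {
	if ts.Nonce != wantNonce {
		return errors.New("nonce mismatch: stale or replayed time stamp")
	}
	if ts.PCRDigest != wantPCR {
		return errors.New("platform configuration differs from the expected trusted state")
	}
	if !ecdsa.VerifyASN1(pub, digest(ts.Unix, ts.Nonce, ts.AppID, ts.PCRDigest), ts.Sig) {
		return errors.New("signature does not cover these field values")
	}
	return nil
}

func main() {
	t, err := newTPM()
	if err != nil {
		panic(err)
	}
	t.extend(0, []byte("protected-kernel-316")) // constructed measurement
	var nonce [16]byte
	if _, err = rand.Read(nonce[:]); err != nil {
		panic(err)
	}
	ts, _ := requestTrustedTimeStamp(func() int64 { return time.Now().Unix() }, t, "trusted-app-192", nonce)
	fmt.Println("genuine stamp:", verify(&t.key.PublicKey, ts, nonce, t.pcrDigest()))
}
```

The verifier refuses the stamp if the nonce it issued is not the one signed (a replayed response), if the PCR digest is not the platform state it expects, or if any signed field was altered after signing; backdating the time estimate by an hour is caught by the signature check even though the time value itself looks plausible.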
- Trusted time stamp capabilities such as those described above may enable the use of a computing platform as a general purpose secure remote control or other type of device that may be used for a variety of different applications.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Mathematical Physics (AREA)
- Finance (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
An approach for providing a trusted time stamp in an open platform. A trusted application initiates a request for a trusted time stamp. A time estimate is then read from a trusted source of time and an attestation process is performed to provide a signed time response. The attestation process may include providing the signed time response using a trusted platform module or other hardware token. The signed time response is provided to the requesting application to be used as a trusted time stamp.
Description
- An embodiment of the present invention relates to the field of computing systems and, more particularly, to providing a trusted time stamp on an open platform such as, for example, a computing system.
- Time stamps may be used for a variety of different types of applications. For some applications such as, for example, online banking and/or stock trading, the accuracy and reliability of a time stamp may be critical to ensuring the trustworthiness of the application.
- Embodiments of the present invention are illustrated by way of example and not limitation in the figures of the accompanying drawings in which like references indicate similar elements, and in which:
- FIG. 1 is a high-level block diagram of a computing system via which the trusted time stamp capabilities of various embodiments may be implemented.
- FIG. 2 is a high-level block diagram of a computing system and associated software that may be used for various embodiments including an illustration of exemplary protected paths and partitions.
- FIG. 3 is a diagram showing protected and open partitions and associated software modules for one embodiment.
- FIG. 4 is a flow diagram showing a method of one embodiment for providing a trusted time stamp.
- A method and apparatus for providing a trusted time stamp on an open platform is described. In the following description, particular components, software modules, systems, etc. are described for purposes of illustration. It will be appreciated, however, that other embodiments are applicable to other types of components, software modules and/or systems, for example.
- References to “one embodiment,” “an embodiment,” “example embodiment,” “various embodiments,” etc., indicate that the embodiment(s) of the invention so described may include a particular feature, structure, or characteristic, but not every embodiment necessarily includes the particular feature, structure, or characteristic. Further, repeated use of the phrase “in one embodiment” does not necessarily refer to the same embodiment, although it may.
- For one embodiment, a trusted application initiates a request for a trusted time stamp. A time estimate is then read from a trusted source of time and an attestation process is performed to provide a signed time response. The signed time response is provided to the requesting application as a trusted time stamp.
- Further details of this and other embodiments are provided in the description that follows.
- Embodiments of the invention may be implemented in one or a combination of hardware, firmware, and software. Embodiments of the invention may also be implemented in whole or in part as instructions stored on a machine-readable medium, which may be read and executed by at least one processor to perform the operations described herein. A machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer). For example, a machine-readable medium may include read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other form of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.), and others.
- In the description herein, the terms protected or trusted areas, paths and/or ports, for example, may refer to areas of a device or paths between devices that have sufficient protections associated with them to prevent access to them by most, if not all, unauthorized devices and/or software. Examples of such protections are provided in the description that follows. Further, the terms trusted software or code may refer to software that has been validated through some means to verify that it has not been altered in an unauthorized manner before execution.
- The term open platform refers to a platform to which code may be written using well-known interface specifications. Examples of open platforms include most personal, workstation, server and enterprise computing systems, personal digital assistants, etc. In contrast, computing platforms such as contemporary cellular phones, GPS receivers, etc. do not extend themselves to widespread application development using well-known interface specifications. Such computing platforms may be referred to as “closed,” restricted or proprietary computing platforms.
- FIG. 1 is a block diagram of a computing system 100 that may advantageously implement the trusted time stamp capabilities of one or more embodiments. The computing system 100 may for example be a mobile computing system such as a notebook or laptop computer. Alternatively, the computing system 100 may be a different type of computing system such as a desktop computer, a workstation computer, a personal digital assistant, or another type of computing device. Where the computing system 100 is a mobile computing system, a battery and/or battery connector 101 may be included and coupled to the system 100 in a conventional manner to provide an alternate power source for the computing system 100 when, for example, an alternating current power source is not available or convenient.
- The computing system 100 includes a central processing unit (CPU or processor) 105 coupled to a memory control hub (MCH) or other memory controller 110 via a processor bus 115, a main memory 120, which may comprise, for example, random access memory (RAM) or another type of memory, coupled to the MCH 110 over a memory bus 125, one or more trusted graphics components 130 coupled to the MCH 110 over a graphics bus 135 or integrated with another component in the system 100, and an input/output (I/O) control hub (ICH) or other I/O controller 140, which may be coupled to the MCH 110 over a bus 145. The memory controller (or MCH) 110 and the I/O controller (or ICH) 140 may be referred to collectively as the chipset.
- The chipset may be a logic circuit to provide an interface between the processor 105, the memory 120, and other devices. For one embodiment, the chipset is implemented as one or more individual integrated circuits as shown in FIG. 1, but for other embodiments, the chipset may be implemented as a portion of a larger integrated circuit or it may be implemented as parts of multiple other integrated circuits. Further, other capabilities, such as graphics control capabilities, may be provided within the chipset. Although individually labeled herein as a memory controller and I/O controller, these labels should not be read as a limitation on how the chipset features may be physically implemented.
- The processor 105 of one embodiment may be an Intel architecture microprocessor that implements a technology, such as Intel Corporation's LaGrande technology (also referred to herein as LT), that provides for protected execution along with other security-oriented features. Some details of LaGrande technology may currently be found, for example, at http://www.extremetech.com/article2/0,3973,1274197,00.asp. For other embodiments, the CPU 105 may be another type of processor such as, for example, an embedded processor, a digital signal processor, a microprocessor from a different source, having a different architecture or implementing a different security technology, etc. and/or more than one processor may be included. The processor 105 may include an execution unit 146, page table (PT) registers 148, one or more on-chip and/or off-chip cache memories 150 and a software monitor 151.
- All or part of the cache memory 150 may include, or be convertible to, protected memory 152. Protected memory, as described above, is a memory with sufficient protections to, in most cases, prevent access to it by an unauthorized device (e.g., any device other than the associated processor 105) while activated as a protected memory. In the illustrated embodiment, the cache memory 150 may have various features to permit its selective isolation as a protected memory. The protected memory 152 may alternatively or additionally be external to and separate from the cache memory 150 for some embodiments, but still associated with the processor 105.
- PT registers 148 may be used to implement a table to identify which memory pages are to be accessible only by trusted code and which memory pages are not to be so protected.
- The trusted software (S/W) monitor 151 may monitor and control the overall protected operating environment once the protected operating environment has been established. The software monitor may alternatively be provided on the memory controller 110 or elsewhere in the system 100. In a particular embodiment, the trusted S/W monitor 151 may be located in a protected memory such as the memory 152 such that it is itself protected from unauthorized alterations.
- The processor 105 may further be capable of executing instructions that provide for protected execution of trusted software. For example, the execution unit 146 may be capable of executing instructions to isolate open and protected partitions in on-chip (e.g. the cache memory 150) and off-chip memory (e.g. the main memory 120) and to control software access to protected memory.
- The MCH 110 of one embodiment may provide for additional memory protection to block device accesses (e.g. DMA accesses) to protected memory pages. For some embodiments, this additional memory protection may operate in parallel to the execution of the above-described instruction(s) by the CPU 105 to control software access to both on- and off-chip protected memory to mitigate software attacks.
- For example, the MCH 110 may include protected registers 162 and a protected memory table 164. In one embodiment, the protected registers 162 are registers that are writable only by commands that may only be initiated by trusted microcode (not shown) in the processor 105. Protected microcode is microcode whose execution may only be initiated by authorized instruction(s) and/or by hardware that is not controllable by unauthorized devices.
- The protected registers 162 may hold data that identifies the locations of, and/or controls access to, the protected memory table 164 and the trusted S/W monitor 151. The protected registers 162 may include a register to enable or disable the use of the protected memory table 164 so that DMA protections may be activated before entering a protected operating environment and deactivated after leaving the protected operating environment, for example. Protected registers 162 may also include a writable register to identify the location of the protected memory table 164, so that the location does not have to be hardwired into the chipset.
- For one embodiment, the protected registers 162 may further store the temporary location of the trusted S/W monitor 151 before it is placed into protected locations of memory, so that it may be located for transfer when the protected operating environment provided by the system 100 is initialized. For one embodiment, the protected registers 162 may include an execution start address of the trusted S/W monitor 151 after its transfer into memory, so that execution may be transferred to the trusted S/W monitor 151 after initialization of the protected operating environment.
- The protected memory table 164 may define the memory blocks (where a memory block is a range of contiguously addressable memory locations) in the memory 120 that are to be inaccessible for direct memory access (DMA) transfers and/or by other untrusted sources. Since all accesses associated with the memory 120 are managed by the MCH 110, the MCH 110 may check the protected memory table 164 before permitting any DMA or other untrusted transfer to take place.
- In one embodiment, the protected memory table 164 may be implemented as a table of bits, with each bit corresponding to a particular memory block in the memory 120. In a particular operation, the memory blocks protected from DMA transfers by the protected memory table 164 may be the same memory blocks restricted to protected processing by the PT registers 148 in the processor 105.
- The main memory 120 may include both protected 154 and open 156 memory pages or partitions. Access to protected pages or partitions 154 in memory 120 is limited by the CPU 105 and/or the MCH 110 to specific trusted software and/or components as described in more detail herein, while access to open pages or partitions in the memory 120 is according to conventional techniques.
- As illustrated in FIG. 1, the main memory 120 may further include a protected memory table 158. In one embodiment, the protected memory table is implemented in the MCH 110 as the protected memory table 164 as described above and the protected memory table 158 may be eliminated. In another embodiment, the protected memory table is implemented as the protected memory table 158 in the memory 120 and the protected memory table 164 may be eliminated. The protected memory table may also be implemented in other ways not shown. Regardless of physical location, the purpose and basic operation of the protected memory table may be substantially as described.
- A trusted source of time 165 may also be coupled to the I/O control hub 140 or another component of the system 100. The trusted source of time 165 may be provided by an independent clock chip such as, for example, the CK408 spread spectrum differential system clock generator available from Philips Semiconductors of Eindhoven, The Netherlands. Other clock chips may instead be used to provide the trusted source of time 165.
- Alternatively, the trusted source of time 165 may be a composite mechanism that may include one or more of the following elements: a GPS (global positioning system) receiver, a module to synchronize time over a network and one or more radio frequency (RF) transceivers dedicated to time synchronization. The manner in which a GPS receiver may be used as a time transfer mechanism is well-known and well-documented in readily available literature. Similarly, the network-based protocols for time synchronization are well-known. Other methods that use proprietary RF transceiver technology to synchronize time are also prevalent.
- Examples of approaches to providing a trusted source of time for some embodiments may also be found in co-pending U.S. patent applications Ser. No. 10/334,267 entitled “Trusted Real Time Clock,” attorney docket number 42.P15183, and/or Ser. No. 10/334,954 entitled, “Trusted System Clock,” attorney docket number 42.P15184, both filed Dec. 31, 2002 and assigned to the assignee of the present invention.
- For some embodiments, the trusted source of time 165 may be selected to meet predetermined minimum requirements on the accuracy of time it reports. In whatever form the source of time is provided, it is considered a trusted source of time because it is coupled to the I/O controller 140 or other element of the system 100 via a trusted path to mitigate software and/or hardware attacks as described herein in reference to other components and associated trusted paths. The trusted path between the source of time 165 and other components of the system 100 may be provided as described in one or more of the copending U.S. patent applications referenced above, or copending U.S. patent application Ser. No. 10/609,828 entitled “Trusted Input for Mobile Platforms Transactions,” filed Jun. 20, 2003, Attorney Docket Number 42.P16205, to D. Poisner and assigned to the assignee of the present invention. By providing a trusted path, the mechanism used to measure, maintain and report time is tamper-resistant against a malicious agent trying to affect any related processes. A function of the trusted source of time 165 is to provide a reliable estimate of time when requested.
- With continuing reference to FIG. 1, where the computing system 100 is a mobile computing system, such as, for example, a laptop or notebook computer, the ICH 140 may be coupled to both an external keyboard 166 and an internal keyboard 168. For other types of systems and/or for some mobile systems, only one of the external and internal keyboards may be provided. A secure or trusted path between the external 166 and/or internal keyboard 168 and trusted software may be provided to protect the trusted partition of the system 100 from untrusted inputs and/or other types of attacks. For one embodiment, this secure path may be in accordance with, for example, copending patent application Ser. No. 10/609,828 entitled “Trusted Input for Mobile Platforms Transactions,” filed Jun. 30, 2003 and assigned to the assignee of the present invention.
- A radio 170, which may be part of a wireless local or wide area network (WLAN or WWAN) or other wireless networking card, may also be coupled to the ICH 140 to provide for wireless connectivity over a wireless network 172, which may be operated/serviced by a telephone company (telco) or other service provider and/or may be used by a service provider to provide services to the computing system 100. For such an example, a server operated by the service provider, such as the server 174, may couple to the computing system 100 over the wireless network 172 via the radio 170. The network 172 may be a GSM/GPRS (Global System for Mobile communications/General Packet Radio Services) network, for example. Other types of wireless network protocols such as, for example, CDMA (Code Division Multiple Access), PHS (Personal Handyphone System), 3G (Third generation services) networks, etc. are also within the scope of various embodiments.
- A hardware token such as a Trusted Platform Module (TPM) 176, which may be in accordance with a currently available or future revision of the TPM specification, currently version 1.1, available from the Trusted Computing Platform Alliance (TCPA), and version 1.2 of the Trusted Computing Group (TCG), may also be coupled to the ICH 140 over, for example, a low pin count (LPC) bus 178. The TPM 176 may be provided to protect data related to creating and maintaining a protected operating environment and is associated directly with the computing platform 100. In other words, the hardware token 176 is not moved from system to system.
- For one embodiment, the hardware token 176 is a discrete hardware device that may be implemented, for example, using an integrated circuit. For another embodiment, the hardware token 176 may be virtualized, i.e. it may not be provided by a physically separate hardware chip on the motherboard, but may instead be integrated into another chip, or the capabilities associated with a TPM or other hardware token as described herein may be implemented in another manner.
- The TPM 176 of one embodiment may include one or more non-volatile storage areas to store an endorsement key (EK) 180 and/or other keys associated with the system 100. The EK may be a public/private key-pair. The private component of the key-pair is generated within the TPM 176 and is not exposed outside the TPM 176. The EK is unique to the particular TPM and, therefore, to the particular platform to which the TPM is coupled.
- The TPM 176 of one embodiment may further include a hash engine 182 to compute hash values of small pieces of data, platform configuration register(s) (PCRs) 184 to store platform-specific information, and certificates 186. The certificates 186 may include, for example, one or more of: an endorsement certificate, which contains the public key of the EK and provides attestation that the TPM 176 is genuine and the EK is protected; a platform certificate, which may be provided by the platform vendor to provide attestation that the security components of the platform are genuine; and a conformance certificate, which may be provided by the platform vendor or an evaluation lab to provide attestation by an accredited party as to the security properties of the platform. Other elements such as, for example, a cryptographic engine (not shown), digital signatures (not shown), a hardware random number generator (not shown), monotonic counters (not shown), etc. may also be included in the hardware token 176 for various embodiments.
- Further, while the trusted source of time 165 is shown in FIG. 1 as being a standalone component/element, for some embodiments, the trusted source of time may be integrated with the hardware token or with another component of the computing system 100.
- A hard disk drive (HDD) and associated storage media and/or other mass storage device 188, such as a compact disc drive and associated media, may also be coupled to the ICH 140. While only one mass storage reference block 188 is shown in FIG. 1, it will be appreciated that multiple mass storage devices of various types may be used to implement the mass storage device (media) 188. Further, additional or alternative storage devices may be accessible by the computing system 100 over the network 172, or over another network 185 that may be accessed via a network card, modem or other wired communications device 189, for example.
- The computing system 100 may further run an operating system 190 that provides for open and protected partitions for software execution. For one embodiment, the operating system 190 may be provided by Microsoft Corporation of Redmond, Wash., and may incorporate Microsoft's Next-Generation Secure Computing Base (NGSCB) technology. The operating system 190 is shown as being stored on the mass storage device 188, but all or part of the operating system 190 may be stored in another storage device on or accessible by the computing system 100.
- The computer-accessible storage medium 188 of one embodiment may further store one or more trusted applications 192, an attestation agent 194 and/or a trusted time access module (TTAM) 196. The attestation agent 194 and/or the trusted time access module 196 may be provided as part of the operating system 190 software, as standalone modules, or as part of other software modules such as application software.
- The attestation agent 194, as described in more detail below, is responsible for associating a time estimate provided by the trusted source of time 165 with a particular process, thread, or event executing in a trusted environment on the platform 100, where the process/thread/event may be associated with a trusted application requesting the time stamp. The attestation agent 194 provides proof that the trusted process and trusted time estimate are both generated by the same trusted platform within the intended context.
- The trusted time access module 196, as described in more detail below, is responsive to a request from a trusted application for a trusted time stamp to read a time estimate, call the attestation agent and forward a signed response (or time stamp) to the requesting application.
- It will be appreciated that the various modules computing system 100.
- FIG. 2 shows, at a high level, various trusted paths and partitions that may be provided in the computing system 100 of one exemplary embodiment when a trusted execution environment has been established and various software modules as shown are being executed by the processor 105. The trusted areas are shaded in FIG. 2 and some of the trusted paths and ports are identified. For other embodiments, it will be appreciated that different trusted paths and partitions may be provided and/or all the trusted paths and partitions shown in FIG. 2 may not necessarily be provided.
- FIG. 3 is a high-level conceptual drawing showing various partitions that may be provided by the operating system 190 of FIG. 1 when a secure operating environment has been established for one embodiment. An open or standard partition 305 provided by the operating system 190 runs the main operating system, drivers, applications 310 and associated APIs. A protected partition 315 includes a protected operating system kernel 316 and trusted applets or applications such as the trusted applications 192. Associated API(s) may also be included. Security features such as those described herein may be accessible to software developers through various APIs, for example.
- While some elements of a specific platform architecture and a specific, associated operating system are described herein, it will be appreciated that other platform architectures and/or operating system architectures that provide for protected storage, protected execution and protected input/output as described herein may also be used for various embodiments.
- For one embodiment, as mentioned above, trusted time stamp capabilities are provided on an open platform, such as the computing platform 100 of FIG. 1. A method of one embodiment for providing a trusted time stamp is described in reference to FIGS. 1, 2, 3 and 4. FIG. 4 is a flowchart showing an exemplary method of one embodiment for providing a trusted time stamp on an open platform. In describing the method of FIG. 4, reference may be made to FIGS. 1, 2 and/or 3 for purposes of illustration. It will be appreciated, however, that the software and/or hardware modules referenced may not necessarily be used to perform the described actions for all embodiments.
- At block 405, a trusted application running in a trusted environment, such as the trusted environment that may be established on the computing system 100 of FIG. 1, for example, initiates a request for a trusted time stamp. Examples of applications that may advantageously use the trusted time stamp capabilities of various embodiments may include, for example, online banking or purchasing applications, applications that authorize use of sensitive resources, online voting applications, time keeping applications for competitive sports or gaming, data logging and synchronization applications, general purpose secure remote control (e.g. locking/unlocking home/car, etc.), electronic cash transactions, etc.
- At block 410, a time estimate may then be read from the trusted source of time over a trusted path. For the computing system 100, for example, the trusted time access module 196 may receive the request for the time stamp and access the trusted source of time 165 to read the time estimate.
- An attestation process may then be performed. This may involve calling an attestation agent at block 415. For the computing system 100, the trusted time access module 196 may call the attestation agent 194.
- In its simplest form, attestation may be accomplished by digitally signing a digest value of the piece of data that is to be attested. For a more complex implementation, the digest value may be synthesized by combining together various other elements in addition to the original data to be attested. Examples of such elements may include, but are not limited to, hash values of platform hardware/software configuration, other credentials, one-time nonce values, etc.
- An exemplary attestation approach is described with continuing reference to FIG. 4. It will be appreciated, however, that other attestation methods may be used for other embodiments. At block 420, the attestation agent may send the time estimate, and possibly other application-specific identifiers, to the TPM or other hardware token 176 with a request for attestation.
- At block 425, the TPM 176 may sign the time estimate and concatenate a hash of certain platform configuration parameters and/or other credentials that uniquely identify the platform. For the computing system 100, for example, the hashing engine 182 may perform the hash using platform configuration parameters stored in the platform configuration register(s) 184 and/or credentials generated using the EK (endorsement key) or another key 180.
- At block 430, the signed response including associated credentials and/or other information is sent back to the attestation agent 194 and at block 435, the attestation agent 194 forwards the signed response and associated credentials and/or other information back to the trusted time access module 196. For one embodiment, the other information may include information that associates the signed response with the requesting application, thread, event or transaction.
- For embodiments for which the trusted source of time 165 is integrated with the TPM or other hardware token 176, the attestation mechanism/module may partially or completely execute within the integrated device.
- At block 440, the trusted time access module forwards the signed response to the trusted application at which point the signed response is used to provide the requested trusted time stamp. The trusted application may then associate the trusted time stamp with the particular transaction or event that it intends to timestamp.
- It will be appreciated that for some embodiments, not all of the above actions may be performed, the actions may be performed in a different order and/or additional actions may be included.
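The flow of blocks 405 to 440, together with the digest-based attestation described above (signing a digest that combines the time estimate with a hash of platform configuration and application context), as an added Go model that is not part of the patent: a trusted time source, the attestation agent, the trusted time access module and the hardware token, plus the check a relying party would run on the signed response. Ed25519 as the token's signature scheme, the digest layout, the PCR contents and all type and function names are assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// TrustedTimeSource stands in for the trusted source of time 165 (block 410); Now is injectable.
type TrustedTimeSource struct{ Now func() time.Time }

// ReadEstimate returns the time estimate as Unix seconds.
func (s TrustedTimeSource) ReadEstimate() uint64 { return uint64(s.Now().Unix()) }

// HardwareToken models the TPM 176: a private key that never leaves the token, PCRs 184 and a hash
// engine 182. Ed25519 is an assumed stand-in for the token's own signature scheme.
type HardwareToken struct {
	Pub  ed25519.PublicKey // the only key material the token exports
	priv ed25519.PrivateKey
	pcrs [][]byte // constructed PCR contents; a real TPM holds fixed-width digests
}

// NewHardwareToken generates the key pair inside the token.
func NewHardwareToken(pcrs [][]byte) (*HardwareToken, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return &HardwareToken{Pub: pub, priv: priv, pcrs: pcrs}, err
}

// PlatformHash is the hash engine's digest over the PCRs, the "hash of certain platform configuration
// parameters" that block 425 concatenates with the signed time estimate.
func (t *HardwareToken) PlatformHash() [32]byte { return sha256.Sum256(bytes.Join(t.pcrs, nil)) }

// AttestedTime is the signed response of block 430: the time estimate, the platform hash and the
// context that associates the response with the requesting application or transaction.
type AttestedTime struct {
	TimeEstimate uint64
	PlatformHash [32]byte
	Context      []byte
	Signature    []byte
}

// digest combines every element into the single value that is signed; fixed widths and a length
// prefix keep one field from being shifted into another.
func digest(a *AttestedTime) []byte {
	h := sha256.New()
	binary.Write(h, binary.BigEndian, a.TimeEstimate)
	h.Write(a.PlatformHash[:])
	binary.Write(h, binary.BigEndian, uint32(len(a.Context)))
	h.Write(a.Context)
	return h.Sum(nil)
}

// Attest signs the time estimate together with the platform hash (block 425).
func (t *HardwareToken) Attest(timeEstimate uint64, ctx []byte) AttestedTime {
	a := AttestedTime{TimeEstimate: timeEstimate, PlatformHash: t.PlatformHash(), Context: ctx}
	a.Signature = ed25519.Sign(t.priv, digest(&a))
	return a
}

// AttestationAgent 194 forwards the estimate and the application-specific identifiers to the token
// with a request for attestation (block 420).
type AttestationAgent struct{ Token *HardwareToken }

func (g *AttestationAgent) RequestAttestation(est uint64, ctx []byte) AttestedTime { return g.Token.Attest(est, ctx) }

// TrustedTimeAccessModule 196 reads the estimate, calls the agent and hands the signed response
// back to the requesting application (blocks 410 to 440).
type TrustedTimeAccessModule struct {
	Source TrustedTimeSource
	Agent  *AttestationAgent
}

func (m *TrustedTimeAccessModule) RequestTimeStamp(ctx []byte) AttestedTime {
	return m.Agent.RequestAttestation(m.Source.ReadEstimate(), ctx)
}

// VerifyAttestedTime is the relying party's check: the signature must cover the recomputed digest,
// and the platform hash and context must be the ones expected for this platform and transaction.
func VerifyAttestedTime(pub ed25519.PublicKey, platformHash [32]byte, ctx []byte, a AttestedTime) error {
	switch {
	case !ed25519.Verify(pub, digest(&a), a.Signature):
		return errors.New("signature does not verify: stamp altered or not produced by this token")
	case a.PlatformHash != platformHash:
		return errors.New("platform configuration hash does not match the expected platform")
	case !bytes.Equal(a.Context, ctx):
		return errors.New("stamp is bound to a different transaction")
	}
	return nil
}

// SamplePCRs are constructed values standing in for measured platform state.
var SamplePCRs = [][]byte{[]byte("constructed firmware measurement"), []byte("constructed kernel measurement")}

func main() {
	tok, err := NewHardwareToken(SamplePCRs)
	if err != nil {
		panic(err)
	}
	ttam := &TrustedTimeAccessModule{Source: TrustedTimeSource{Now: time.Now}, Agent: &AttestationAgent{Token: tok}}
	stamp := ttam.RequestTimeStamp([]byte("txn-42"))
	fmt.Println("verify:", VerifyAttestedTime(tok.Pub, tok.PlatformHash(), []byte("txn-42"), stamp))
	stamp.TimeEstimate += 3600 // any later change to the estimate must be detected
	fmt.Println("after tampering:", VerifyAttestedTime(tok.Pub, tok.PlatformHash(), []byte("txn-42"), stamp))
}
```

The relying party needs the token's public key (carried by the endorsement certificate in the patent's terms) and the expected platform hash out of band; the stamp alone proves nothing without them.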
- Using the above-described approach of various embodiments, it may be possible to use a computing platform as a general purpose secure remote control or other type of device that may be used for a variety of different applications.
- Thus, various embodiments of a method and apparatus for managing privacy and disclosure of computing system location information are described. In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be appreciated that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.
Claims (30)
1. A method comprising:
receiving a request for a trusted time stamp;
reading a time estimate from a trusted source of time;
performing an attestation process to provide proof that the time estimate is to be trusted; and
providing the attested time estimate in response to the request.
2. The method of claim 1 wherein
receiving the request for the trusted time stamp includes receiving the request from a trusted application executing in a trusted partition on a computing system.
3. The method of claim 1 wherein
reading a time estimate from a trusted source of time includes reading a time estimate from one of an independent clock chip and a composite mechanism, the composite mechanism including at least one of a global positioning system (GPS) receiver, a module to synchronize time using a network, and a radio frequency transceiver dedicated to time synchronization.
4. The method of claim 1 wherein performing the attestation process includes providing the time estimate to a hardware token.
5. The method of claim 4 wherein providing the time estimate to a hardware token includes providing the time estimate to a Trusted Platform Module (TPM).
6. The method of claim 5 wherein performing the attestation process includes the TPM signing the time estimate together with a hash of platform configuration parameters.
7. An apparatus comprising:
a trusted time access module to receive a request for a trusted time stamp, request a time estimate from a trusted source of time, and request attestation of the time estimate; and
an attestation module to provide attestation including signing the time estimate, the attestation module further to return the signed time estimate to the trusted time access module.
8. The apparatus of claim 7 wherein the trusted time access module is further to return the signed time estimate as the requested time stamp to an application that made the request.
9. The apparatus of claim 7 wherein the attestation provided by the attestation agent includes providing the time estimate to a hardware token to sign the time estimate.
10. The apparatus of claim 9 wherein the hardware token is a Trusted Platform Module (TPM).
11. The apparatus of claim 7 wherein the hardware token and the trusted source of time are integrated.
12. A system comprising:
a bus to communicate information;
a processor coupled to the bus;
an antenna coupled to the bus; and
a data store to store information that, when executed by the system, causes the system to
receive a request for a trusted time stamp;
read a time estimate from a trusted source of time;
perform an attestation process to provide proof that the time estimate is to be trusted; and
provide the attested time estimate in response to the request.
13. The system of claim 12 wherein the processor, in cooperation with an operating system, provides for protected execution in a protected partition.
14. The system of claim 13 wherein the processor implements LaGrande technology from Intel Corporation.
15. The system of claim 13 wherein the request is received from a trusted application executing in the protected partition.
16. The system of claim 12 further comprising
the trusted source of time, the trusted source of time comprising one of an independent clock chip and a composite mechanism, the composite mechanism including at least one of a global positioning system (GPS) receiver, a module to synchronize time using a network, and a radio frequency transceiver dedicated to time synchronization.
17. The system of claim 16 wherein the trusted source of time is coupled to the system via a trusted path.
18. The system of claim 17 further comprising a hardware token integrated with the trusted source of time.
19. The system of claim 17 further comprising a hardware token coupled to the bus, the hardware token to be accessed during the attestation process.
20. The system of claim 19 wherein the hardware token is a Trusted Platform Module.
21. A method comprising:
receiving a request for a trusted time stamp from a trusted application executing in a protected partition;
requesting a time estimate from a trusted source of time;
receiving the requested time estimate from the trusted source of time;
performing an attestation process on the time estimate received from the trusted source of time, the attestation process producing a signed time estimate; and
providing the signed time estimate to the trusted application as the trusted time stamp.
22. The method of claim 21 wherein performing the attestation process includes providing the time estimate received from the trusted source of time to a hardware token.
23. The method of claim 22 wherein performing the attestation process includes providing the time estimate received from the trusted source of time to a Trusted Platform Module.
24. The method of claim 22 wherein performing the attestation process includes performing at least part of the attestation process in an integrated module including a Trusted Platform Module and the trusted source of time.
25. A computer-accessible storage medium comprising information, that when accessed by a computing system, causes the computing system to:
receive a request for a trusted time stamp;
read a time estimate from a trusted source of time;
perform an attestation process to provide proof that the time estimate is to be trusted; and
provide the attested time estimate in response to the request.
26. The computer-accessible storage medium of claim 25 wherein
receiving the request for the trusted time stamp includes receiving the request from a trusted application executing in a trusted partition on the computing system.
27. The computer-accessible storage medium of claim 25 wherein
reading a time estimate from a trusted source of time includes reading a time estimate from one of an independent clock chip and a composite mechanism, the composite mechanism including at least one of a global positioning system (GPS) receiver, a module to synchronize time using a network, and a radio frequency transceiver dedicated to time synchronization.
28. The computer-accessible storage medium of claim 25 wherein performing the attestation process includes providing the time estimate to a hardware token.
29. The computer-accessible storage medium of claim 28 wherein providing the time estimate to a hardware token includes providing the time estimate to a Trusted Platform Module (TPM).
30. The computer-accessible storage medium of claim 29 wherein performing the attestation process includes the TPM signing the time estimate together with a hash of platform configuration parameters.
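The flow the claims above describe (a trusted time access module reads a time estimate from a trusted source of time, hands it to a hardware token that signs it together with a hash of the platform configuration parameters, and returns the signed estimate to a trusted application as the time stamp), as an added Python example that is not code from the patent or from Intel. Everything in it is a constructed stand-in: an HMAC key held by the simulated token replaces a TPM signing key, a small dict of PCR values replaces the platform configuration parameters, the clock is a counter with a made-up start value, and the relying-party check at the end goes beyond the claims to show why the configuration hash is signed along with the time.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Dict, Set


class TrustedTimeSource:
    """Stand-in for an independent clock chip (constructed: a fixed start value
    plus a counter, so the example is deterministic and runs offline)."""

    def __init__(self, start_seconds: int) -> None:
        self._now = start_seconds

    def read_time_estimate(self) -> int:
        self._now += 1  # every read advances the simulated clock by one second
        return self._now


@dataclass(frozen=True)
class TrustedTimeStamp:
    time_estimate: int
    pcr_digest: str  # hex SHA-256 over the platform configuration registers
    signature: str   # hex MAC the token produced over (time_estimate, pcr_digest)


class HardwareToken:
    """Simulated TPM. Assumption: an HMAC key that never leaves the token stands
    in for the TPM signing key, and a dict of PCR values stands in for the
    platform configuration parameters of claims 6 and 30."""

    def __init__(self, token_key: bytes, pcrs: Dict[int, bytes]) -> None:
        self._key = token_key
        self._pcrs = dict(pcrs)

    def pcr_digest(self) -> str:
        # Hash the PCRs in index order so the digest is canonical.
        h = hashlib.sha256()
        for index in sorted(self._pcrs):
            h.update(index.to_bytes(2, "big") + self._pcrs[index])
        return h.hexdigest()

    def _mac(self, time_estimate: int, pcr_digest: str) -> str:
        # Canonical encoding (sorted keys) so time and digest cannot be re-split.
        msg = json.dumps({"pcr": pcr_digest, "t": time_estimate}, sort_keys=True)
        return hmac.new(self._key, msg.encode(), hashlib.sha256).hexdigest()

    def sign_time(self, time_estimate: int) -> TrustedTimeStamp:
        # Claim 6: sign the time estimate together with the configuration hash.
        digest = self.pcr_digest()
        return TrustedTimeStamp(time_estimate, digest, self._mac(time_estimate, digest))

    def verify(self, stamp: TrustedTimeStamp) -> bool:
        expected = self._mac(stamp.time_estimate, stamp.pcr_digest)
        return hmac.compare_digest(stamp.signature, expected)


class TrustedTimeAccessModule:
    """Claim 7: receives the request, reads the estimate, asks the token to attest it."""

    def __init__(self, source: TrustedTimeSource, token: HardwareToken,
                 trusted_apps: Set[str]) -> None:
        self._source = source
        self._token = token
        self._trusted_apps = trusted_apps  # apps running in the protected partition

    def request_time_stamp(self, app_id: str) -> TrustedTimeStamp:
        # Claims 15 and 21: only a trusted application in the protected partition may ask.
        if app_id not in self._trusted_apps:
            raise PermissionError(f"{app_id} is not a trusted application")
        estimate = self._source.read_time_estimate()
        return self._token.sign_time(estimate)


def check_stamp(stamp: TrustedTimeStamp, token: HardwareToken,
                known_good_pcr_digest: str) -> bool:
    """Relying-party check (goes beyond the claims): the signature must verify
    AND the attested configuration must match a known-good platform state."""
    return token.verify(stamp) and hmac.compare_digest(stamp.pcr_digest, known_good_pcr_digest)


def demo() -> Dict[str, bool]:
    # All values below are constructed for the example.
    token = HardwareToken(b"constructed-token-key", {0: b"\x11" * 32, 7: b"\x22" * 32})
    module = TrustedTimeAccessModule(TrustedTimeSource(1_000_000), token, {"trusted-app"})
    stamp = module.request_time_stamp("trusted-app")
    good = token.pcr_digest()
    # A stamp whose time was altered after signing: the MAC no longer matches.
    rolled_back = TrustedTimeStamp(stamp.time_estimate - 3600, stamp.pcr_digest, stamp.signature)
    # A genuine stamp from a platform whose configuration is not the known-good one.
    other_platform = HardwareToken(b"constructed-token-key", {0: b"\x99" * 32})
    foreign = other_platform.sign_time(stamp.time_estimate)
    try:
        module.request_time_stamp("untrusted-app")
        untrusted_rejected = False
    except PermissionError:
        untrusted_rejected = True
    return {
        "genuine_stamp_accepted": check_stamp(stamp, token, good),
        "rolled_back_time_rejected": not check_stamp(rolled_back, token, good),
        "other_config_rejected": not check_stamp(foreign, other_platform, good),
        "untrusted_app_rejected": untrusted_rejected,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```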
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/744,120 US20050133582A1 (en) | 2003-12-22 | 2003-12-22 | Method and apparatus for providing a trusted time stamp in an open platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/744,120 US20050133582A1 (en) | 2003-12-22 | 2003-12-22 | Method and apparatus for providing a trusted time stamp in an open platform |
Publications (1)
Publication Number | Publication Date |
---|---|
US20050133582A1 true US20050133582A1 (en) | 2005-06-23 |
Family
ID=34678753
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/744,120 Abandoned US20050133582A1 (en) | 2003-12-22 | 2003-12-22 | Method and apparatus for providing a trusted time stamp in an open platform |
Country Status (1)
Country | Link |
---|---|
US (1) | US20050133582A1 (en) |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060074600A1 (en) * | 2004-09-15 | 2006-04-06 | Sastry Manoj R | Method for providing integrity measurements with their respective time stamps |
US20070113090A1 (en) * | 2004-03-10 | 2007-05-17 | Villela Agostinho De Arruda | Access control system based on a hardware and software signature of a requesting device |
US20070124819A1 (en) * | 2005-11-28 | 2007-05-31 | Sony Corporation | Digital rights management using trusted time |
US20070192608A1 (en) * | 2004-03-10 | 2007-08-16 | Agostinho De Arruda Villela | Access control system for information services based on a hardware and software signature of a requesting device |
US20070300069A1 (en) * | 2006-06-26 | 2007-12-27 | Rozas Carlos V | Associating a multi-context trusted platform module with distributed platforms |
US20090089582A1 (en) * | 2007-09-27 | 2009-04-02 | Tasneem Brutch | Methods and apparatus for providing upgradeable key bindings for trusted platform modules |
US20100011210A1 (en) * | 2005-05-13 | 2010-01-14 | Scarlata Vincent R | Method And Apparatus For Remotely Provisioning Software-Based Security Coprocessors |
US20100011219A1 (en) * | 2006-07-28 | 2010-01-14 | Hewlett-Packard Development Company, L.P. | Secure Use of User Secrets on a Computing Platform |
US20100250949A1 (en) * | 2009-03-31 | 2010-09-30 | Torino Maria E | Generation, requesting, and/or reception, at least in part, of token |
US20100287369A1 (en) * | 2006-02-15 | 2010-11-11 | Nec Corporation | Id system and program, and id method |
US7991932B1 (en) | 2007-04-13 | 2011-08-02 | Hewlett-Packard Development Company, L.P. | Firmware and/or a chipset determination of state of computer system to set chipset mode |
EP2397959A1 (en) * | 2010-06-21 | 2011-12-21 | Intel Corporation | System and method for N-ary locality in a security co-processor |
US8145910B1 (en) * | 2008-02-29 | 2012-03-27 | Adobe Systems Incorporated | System and method to enforce collaboration rules for timestamps of a collaboration event |
US20130185645A1 (en) * | 2012-01-18 | 2013-07-18 | International Business Machines Corporation | Determining repeat website users via browser uniqueness tracking |
US20130312125A1 (en) * | 2008-02-19 | 2013-11-21 | Interdigital Technology Corporation | Method and apparatus for secure trusted time techniques |
WO2014043056A1 (en) * | 2012-09-12 | 2014-03-20 | Intel Corporation | Mobile platform with sensor data security |
US20160182508A1 (en) * | 2014-12-23 | 2016-06-23 | Timothy J. Gresham | Identity attestation of a minor via a parent |
US11044104B2 (en) | 2018-09-05 | 2021-06-22 | International Business Machines Corporation | Data certification as a service powered by permissioned blockchain network |
Citations (99)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3699532A (en) * | 1970-04-21 | 1972-10-17 | Singer Co | Multiprogramming control for a data handling system |
US3996449A (en) * | 1975-08-25 | 1976-12-07 | International Business Machines Corporation | Operating system authenticator |
US4162536A (en) * | 1976-01-02 | 1979-07-24 | Gould Inc., Modicon Div. | Digital input/output system and method |
US4207609A (en) * | 1978-05-08 | 1980-06-10 | International Business Machines Corporation | Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system |
US4247905A (en) * | 1977-08-26 | 1981-01-27 | Sharp Kabushiki Kaisha | Memory clear system |
US4276594A (en) * | 1978-01-27 | 1981-06-30 | Gould Inc. Modicon Division | Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same |
US4278837A (en) * | 1977-10-31 | 1981-07-14 | Best Robert M | Crypto microprocessor for executing enciphered programs |
US4307447A (en) * | 1979-06-19 | 1981-12-22 | Gould Inc. | Programmable controller |
US4319233A (en) * | 1978-11-30 | 1982-03-09 | Kokusan Denki Co., Ltd. | Device for electrically detecting a liquid level |
US4319323A (en) * | 1980-04-04 | 1982-03-09 | Digital Equipment Corporation | Communications device for data processing system |
US4347565A (en) * | 1978-12-01 | 1982-08-31 | Fujitsu Limited | Address control system for software simulation |
US4366537A (en) * | 1980-05-23 | 1982-12-28 | International Business Machines Corp. | Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys |
US4403283A (en) * | 1980-07-28 | 1983-09-06 | Ncr Corporation | Extended memory system and method |
US4419724A (en) * | 1980-04-14 | 1983-12-06 | Sperry Corporation | Main bus interface package |
US4430709A (en) * | 1980-09-13 | 1984-02-07 | Robert Bosch Gmbh | Apparatus for safeguarding data entered into a microprocessor |
US4521852A (en) * | 1982-06-30 | 1985-06-04 | Texas Instruments Incorporated | Data processing device formed on a single semiconductor substrate having secure memory |
US4571672A (en) * | 1982-12-17 | 1986-02-18 | Hitachi, Ltd. | Access control method for multiprocessor systems |
US4759064A (en) * | 1985-10-07 | 1988-07-19 | Chaum David L | Blind unanticipated signature systems |
US4795893A (en) * | 1986-07-11 | 1989-01-03 | Bull, Cp8 | Security device prohibiting the function of an electronic data processing unit after a first cutoff of its electrical power |
US4802084A (en) * | 1985-03-11 | 1989-01-31 | Hitachi, Ltd. | Address translator |
US4825052A (en) * | 1985-12-31 | 1989-04-25 | Bull Cp8 | Method and apparatus for certifying services obtained using a portable carrier such as a memory card |
US4907270A (en) * | 1986-07-11 | 1990-03-06 | Bull Cp8 | Method for certifying the authenticity of a datum exchanged between two devices connected locally or remotely by a transmission line |
US4907272A (en) * | 1986-07-11 | 1990-03-06 | Bull Cp8 | Method for authenticating an external authorizing datum by a portable object, such as a memory card |
US4910774A (en) * | 1987-07-10 | 1990-03-20 | Schlumberger Industries | Method and system for suthenticating electronic memory cards |
US4975836A (en) * | 1984-12-19 | 1990-12-04 | Hitachi, Ltd. | Virtual computer system |
US5007082A (en) * | 1988-08-03 | 1991-04-09 | Kelly Services, Inc. | Computer software encryption apparatus |
US5022077A (en) * | 1989-08-25 | 1991-06-04 | International Business Machines Corp. | Apparatus and method for preventing unauthorized access to BIOS in a personal computer system |
US5075842A (en) * | 1989-12-22 | 1991-12-24 | Intel Corporation | Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism |
US5079737A (en) * | 1988-10-25 | 1992-01-07 | United Technologies Corporation | Memory management unit for the MIL-STD 1750 bus |
US5187802A (en) * | 1988-12-26 | 1993-02-16 | Hitachi, Ltd. | Virtual machine system with vitual machine resetting store indicating that virtual machine processed interrupt without virtual machine control program intervention |
US5230069A (en) * | 1990-10-02 | 1993-07-20 | International Business Machines Corporation | Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system |
US5237616A (en) * | 1992-09-21 | 1993-08-17 | International Business Machines Corporation | Secure computer system having privileged and unprivileged memories |
US5287363A (en) * | 1991-07-01 | 1994-02-15 | Disk Technician Corporation | System for locating and anticipating data storage media failures |
US5295251A (en) * | 1989-09-21 | 1994-03-15 | Hitachi, Ltd. | Method of accessing multiple virtual address spaces and computer system |
US5361375A (en) * | 1989-02-09 | 1994-11-01 | Fujitsu Limited | Virtual computer system having input/output interrupt control of virtual machines |
US5506975A (en) * | 1992-12-18 | 1996-04-09 | Hitachi, Ltd. | Virtual machine I/O interrupt control method compares number of pending I/O interrupt conditions for non-running virtual machines with predetermined number |
US5555385A (en) * | 1993-10-27 | 1996-09-10 | International Business Machines Corporation | Allocation of address spaces within virtual machine compute system |
US5555414A (en) * | 1994-12-14 | 1996-09-10 | International Business Machines Corporation | Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals |
US5560013A (en) * | 1994-12-06 | 1996-09-24 | International Business Machines Corporation | Method of using a target processor to execute programs of a source architecture that uses multiple address spaces |
US5564040A (en) * | 1994-11-08 | 1996-10-08 | International Business Machines Corporation | Method and apparatus for providing a server function in a logically partitioned hardware machine |
US5574936A (en) * | 1992-01-02 | 1996-11-12 | Amdahl Corporation | Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system |
US5582717A (en) * | 1990-09-12 | 1996-12-10 | Di Santo; Dennis E. | Water dispenser with side by side filling-stations |
US5604805A (en) * | 1994-02-28 | 1997-02-18 | Brands; Stefanus A. | Privacy-protected transfer of electronic information |
US5633929A (en) * | 1995-09-15 | 1997-05-27 | Rsa Data Security, Inc | Cryptographic key escrow system having reduced vulnerability to harvesting attacks |
US5668971A (en) * | 1992-12-01 | 1997-09-16 | Compaq Computer Corporation | Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data transfer |
US5684948A (en) * | 1995-09-01 | 1997-11-04 | National Semiconductor Corporation | Memory management circuit which provides simulated privilege levels |
US5706469A (en) * | 1994-09-12 | 1998-01-06 | Mitsubishi Denki Kabushiki Kaisha | Data processing system controlling bus access to an arbitrary sized memory area |
US5740178A (en) * | 1996-08-29 | 1998-04-14 | Lucent Technologies Inc. | Software for controlling a reliable backup memory |
US5752046A (en) * | 1993-01-14 | 1998-05-12 | Apple Computer, Inc. | Power management system for computer device interconnection bus |
US5809546A (en) * | 1996-05-23 | 1998-09-15 | International Business Machines Corporation | Method for managing I/O buffers in shared storage by structuring buffer table having entries including storage keys for controlling accesses to the buffers |
US5825880A (en) * | 1994-01-13 | 1998-10-20 | Sudia; Frank W. | Multi-step digital signature method and system |
US5919257A (en) * | 1997-08-08 | 1999-07-06 | Novell, Inc. | Networked workstation intrusion detection system |
US5935242A (en) * | 1996-10-28 | 1999-08-10 | Sun Microsystems, Inc. | Method and apparatus for initializing a device |
US5935247A (en) * | 1997-09-18 | 1999-08-10 | Geneticware Co., Ltd. | Computer system having a genetic code that cannot be directly accessed and a method of maintaining the same |
US6035374A (en) * | 1997-06-25 | 2000-03-07 | Sun Microsystems, Inc. | Method of executing coded instructions in a multiprocessor having shared execution resources including active, nap, and sleep states in accordance with cache miss latency |
US6108644A (en) * | 1998-02-19 | 2000-08-22 | At&T Corp. | System and method for electronic transactions |
US6131166A (en) * | 1998-03-13 | 2000-10-10 | Sun Microsystems, Inc. | System and method for cross-platform application level power management |
US6199152B1 (en) * | 1996-08-22 | 2001-03-06 | Transmeta Corporation | Translated memory protection apparatus for an advanced microprocessor |
US6282650B1 (en) * | 1999-01-25 | 2001-08-28 | Intel Corporation | Secure public digital watermark |
US20010027511A1 (en) * | 2000-03-14 | 2001-10-04 | Masaki Wakabayashi | 1-chop microcomputer and IC card using same |
US6327652B1 (en) * | 1998-10-26 | 2001-12-04 | Microsoft Corporation | Loading and identifying a digital rights management operating system |
US20020007456A1 (en) * | 1999-03-27 | 2002-01-17 | Marcus Peinado | Secure processor architecture for use with a digital rights management (DRM) system on a computing device |
US20020023032A1 (en) * | 2000-08-18 | 2002-02-21 | Hewlett-Packard Company | Trusted system |
US6378068B1 (en) * | 1991-05-17 | 2002-04-23 | Nec Corporation | Suspend/resume capability for a protected mode microprocesser |
US6397379B1 (en) * | 1999-01-28 | 2002-05-28 | Ati International Srl | Recording in a program execution profile references to a memory-mapped active device |
US6408388B1 (en) * | 1993-05-05 | 2002-06-18 | Addison M. Fischer | Personal date/time notary device |
US20020147916A1 (en) * | 2001-04-04 | 2002-10-10 | Strongin Geoffrey S. | Method and apparatus for securing portions of memory |
US20020169717A1 (en) * | 2001-05-09 | 2002-11-14 | International Business Machines Corporation | System and method for installing a remote credit card authorization on a system with a TCPA complaint chipset |
US6529909B1 (en) * | 1999-08-31 | 2003-03-04 | Accenture Llp | Method for translating an object attribute converter in an information services patterns environment |
US20030046542A1 (en) * | 2001-09-04 | 2003-03-06 | Hewlett-Packard Company | Method and apparatus for using a secret in a distributed computing system |
US20030074548A1 (en) * | 2001-10-16 | 2003-04-17 | International Business Machines Corporation | Method and system for tracking a secure boot in a trusted computing environment |
US6560627B1 (en) * | 1999-01-28 | 2003-05-06 | Cisco Technology, Inc. | Mutual exclusion at the record level with priority inheritance for embedded systems using one semaphore |
US20030110372A1 (en) * | 2001-04-24 | 2003-06-12 | Proudler Graeme John | Information security system |
US20030115453A1 (en) * | 2001-12-17 | 2003-06-19 | Grawrock David W. | Connecting a virtual token to a physical token |
US20030126442A1 (en) * | 2001-12-31 | 2003-07-03 | Glew Andrew F. | Authenticated code module |
US20030126453A1 (en) * | 2001-12-31 | 2003-07-03 | Glew Andrew F. | Processor supporting execution of an authenticated code instruction |
US6609199B1 (en) * | 1998-10-26 | 2003-08-19 | Microsoft Corporation | Method and apparatus for authenticating an open system application to a portable IC device |
US20030159056A1 (en) * | 2002-02-15 | 2003-08-21 | International Business Machines Corporation | Method and system for securing enablement access to a data security device |
US6615278B1 (en) * | 1999-03-29 | 2003-09-02 | International Business Machines Corporation | Cross-platform program, system, and method having a global registry object for mapping registry equivalent functions in an OS/2 operating system environment |
US20030188179A1 (en) * | 2002-03-28 | 2003-10-02 | International Business Machines Corporation | Encrypted file system using TCPA |
US20030196085A1 (en) * | 1998-10-26 | 2003-10-16 | Lampson Butler W. | System and method for authenticating an operating system |
US6651171B1 (en) * | 1999-04-06 | 2003-11-18 | Microsoft Corporation | Secure execution of program code |
US6678825B1 (en) * | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US6684326B1 (en) * | 1999-03-31 | 2004-01-27 | International Business Machines Corporation | Method and system for authenticated boot operations in a computer system of a networked computing environment |
US20040117539A1 (en) * | 2002-12-17 | 2004-06-17 | Intel Corporation | Methods and systems to control virtual machines |
US20040128528A1 (en) * | 2002-12-31 | 2004-07-01 | Poisner David I. | Trusted real time clock |
US20040128549A1 (en) * | 2002-12-31 | 2004-07-01 | Poisner David I. | Trusted system clock |
US6792536B1 (en) * | 1999-10-20 | 2004-09-14 | Timecertain Llc | Smart card system and methods for proving dates in digital files |
US20040268143A1 (en) * | 2003-06-30 | 2004-12-30 | Poisner David I. | Trusted input for mobile platform transactions |
US6895507B1 (en) * | 1999-07-02 | 2005-05-17 | Time Certain, Llc | Method and system for determining and maintaining trust in digital data files with certifiable time |
US20050108534A1 (en) * | 2003-11-19 | 2005-05-19 | Bajikar Sundeep M. | Providing services to an open platform implementing subscriber identity module (SIM) capabilities |
US20050108171A1 (en) * | 2003-11-19 | 2005-05-19 | Bajikar Sundeep M. | Method and apparatus for implementing subscriber identity module (SIM) capabilities in an open platform |
US6898709B1 (en) * | 1999-07-02 | 2005-05-24 | Time Certain Llc | Personal computer system and methods for proving dates in digital data files |
US6948069B1 (en) * | 1999-07-02 | 2005-09-20 | Time Certain, Llc | Method and system for determining and maintaining trust in digital image files with certifiable time |
US6990579B1 (en) * | 2000-03-31 | 2006-01-24 | Intel Corporation | Platform and method for remote attestation of a platform |
US6993656B1 (en) * | 1999-12-10 | 2006-01-31 | International Business Machines Corporation | Time stamping method using aged time stamp receipts |
US7079649B1 (en) * | 1997-03-27 | 2006-07-18 | British Telecommunications Public Limited Company | Copy protection of data |
US7146504B2 (en) * | 2002-06-13 | 2006-12-05 | Microsoft Corporation | Secure clock on computing device such as may be required in connection with a trust-based system |
US7146516B2 (en) * | 2002-12-20 | 2006-12-05 | Invensys Systems, Inc. | Time synchronization schemes wherein at least one data message associates a hardware pulse with a future time |
- 2003-12-22: US10/744,120 filed (published as US20050133582A1), status: Abandoned
US6529909B1 (en) * | 1999-08-31 | 2003-03-04 | Accenture Llp | Method for translating an object attribute converter in an information services patterns environment |
US6792536B1 (en) * | 1999-10-20 | 2004-09-14 | Timecertain Llc | Smart card system and methods for proving dates in digital files |
US6993656B1 (en) * | 1999-12-10 | 2006-01-31 | International Business Machines Corporation | Time stamping method using aged time stamp receipts |
US20010027511A1 (en) * | 2000-03-14 | 2001-10-04 | Masaki Wakabayashi | 1-chop microcomputer and IC card using same |
US6990579B1 (en) * | 2000-03-31 | 2006-01-24 | Intel Corporation | Platform and method for remote attestation of a platform |
US6678825B1 (en) * | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US20020023032A1 (en) * | 2000-08-18 | 2002-02-21 | Hewlett-Packard Company | Trusted system |
US20020147916A1 (en) * | 2001-04-04 | 2002-10-10 | Strongin Geoffrey S. | Method and apparatus for securing portions of memory |
US20030110372A1 (en) * | 2001-04-24 | 2003-06-12 | Proudler Graeme John | Information security system |
US20020169717A1 (en) * | 2001-05-09 | 2002-11-14 | International Business Machines Corporation | System and method for installing a remote credit card authorization on a system with a TCPA complaint chipset |
US20030046542A1 (en) * | 2001-09-04 | 2003-03-06 | Hewlett-Packard Company | Method and apparatus for using a secret in a distributed computing system |
US20030074548A1 (en) * | 2001-10-16 | 2003-04-17 | International Business Machines Corporation | Method and system for tracking a secure boot in a trusted computing environment |
US20030115453A1 (en) * | 2001-12-17 | 2003-06-19 | Grawrock David W. | Connecting a virtual token to a physical token |
US20030126442A1 (en) * | 2001-12-31 | 2003-07-03 | Glew Andrew F. | Authenticated code module |
US20030126453A1 (en) * | 2001-12-31 | 2003-07-03 | Glew Andrew F. | Processor supporting execution of an authenticated code instruction |
US20030159056A1 (en) * | 2002-02-15 | 2003-08-21 | International Business Machines Corporation | Method and system for securing enablement access to a data security device |
US20030188179A1 (en) * | 2002-03-28 | 2003-10-02 | International Business Machines Corporation | Encrypted file system using TCPA |
US7146504B2 (en) * | 2002-06-13 | 2006-12-05 | Microsoft Corporation | Secure clock on computing device such as may be required in connection with a trust-based system |
US20040117539A1 (en) * | 2002-12-17 | 2004-06-17 | Intel Corporation | Methods and systems to control virtual machines |
US7146516B2 (en) * | 2002-12-20 | 2006-12-05 | Invensys Systems, Inc. | Time synchronization schemes wherein at least one data message associates a hardware pulse with a future time |
US20040128549A1 (en) * | 2002-12-31 | 2004-07-01 | Poisner David I. | Trusted system clock |
US20040128528A1 (en) * | 2002-12-31 | 2004-07-01 | Poisner David I. | Trusted real time clock |
US20040268143A1 (en) * | 2003-06-30 | 2004-12-30 | Poisner David I. | Trusted input for mobile platform transactions |
US20050108534A1 (en) * | 2003-11-19 | 2005-05-19 | Bajikar Sundeep M. | Providing services to an open platform implementing subscriber identity module (SIM) capabilities |
US20050108171A1 (en) * | 2003-11-19 | 2005-05-19 | Bajikar Sundeep M. | Method and apparatus for implementing subscriber identity module (SIM) capabilities in an open platform |
Cited By (45)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070113090A1 (en) * | 2004-03-10 | 2007-05-17 | Villela Agostinho De Arruda | Access control system based on a hardware and software signature of a requesting device |
US8171287B2 (en) * | 2004-03-10 | 2012-05-01 | DNABOLT, Inc | Access control system for information services based on a hardware and software signature of a requesting device |
US20070192608A1 (en) * | 2004-03-10 | 2007-08-16 | Agostinho De Arruda Villela | Access control system for information services based on a hardware and software signature of a requesting device |
US20060074600A1 (en) * | 2004-09-15 | 2006-04-06 | Sastry Manoj R | Method for providing integrity measurements with their respective time stamps |
US20100011210A1 (en) * | 2005-05-13 | 2010-01-14 | Scarlata Vincent R | Method And Apparatus For Remotely Provisioning Software-Based Security Coprocessors |
US9483662B2 (en) | 2005-05-13 | 2016-11-01 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US8068613B2 (en) | 2005-05-13 | 2011-11-29 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US9311507B2 (en) | 2005-05-13 | 2016-04-12 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US9298948B2 (en) | 2005-05-13 | 2016-03-29 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US8953807B2 (en) | 2005-05-13 | 2015-02-10 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US8953806B2 (en) | 2005-05-13 | 2015-02-10 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US9501665B2 (en) | 2005-05-13 | 2016-11-22 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US8565437B2 (en) | 2005-05-13 | 2013-10-22 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US9524400B2 (en) | 2005-05-13 | 2016-12-20 | Intel Corporation | Method and apparatus for remotely provisioning software-based security coprocessors |
US20110035812A1 (en) * | 2005-11-28 | 2011-02-10 | Strohwig Marc E | Digital rights management using trusted time |
US20110041186A1 (en) * | 2005-11-28 | 2011-02-17 | Strohwig Marc E | Digital rights management using trusted time |
US20070124819A1 (en) * | 2005-11-28 | 2007-05-31 | Sony Corporation | Digital rights management using trusted time |
US7861308B2 (en) | 2005-11-28 | 2010-12-28 | Sony Corporation | Digital rights management using trusted time |
US8239961B2 (en) | 2005-11-28 | 2012-08-07 | Sony Corporation | Digital rights management using trusted time |
US10142114B2 (en) | 2006-02-15 | 2018-11-27 | Nec Corporation | ID system and program, and ID method |
US20100287369A1 (en) * | 2006-02-15 | 2010-11-11 | Nec Corporation | Id system and program, and id method |
US9112705B2 (en) * | 2006-02-15 | 2015-08-18 | Nec Corporation | ID system and program, and ID method |
US8108668B2 (en) * | 2006-06-26 | 2012-01-31 | Intel Corporation | Associating a multi-context trusted platform module with distributed platforms |
US8595483B2 (en) | 2006-06-26 | 2013-11-26 | Intel Corporation | Associating a multi-context trusted platform module with distributed platforms |
US20070300069A1 (en) * | 2006-06-26 | 2007-12-27 | Rozas Carlos V | Associating a multi-context trusted platform module with distributed platforms |
US8332930B2 (en) * | 2006-07-28 | 2012-12-11 | Hewlett-Packard Development Company, L.P. | Secure use of user secrets on a computing platform |
US20100011219A1 (en) * | 2006-07-28 | 2010-01-14 | Hewlett-Packard Development Company, L.P. | Secure Use of User Secrets on a Computing Platform |
US7991932B1 (en) | 2007-04-13 | 2011-08-02 | Hewlett-Packard Development Company, L.P. | Firmware and/or a chipset determination of state of computer system to set chipset mode |
US20090089582A1 (en) * | 2007-09-27 | 2009-04-02 | Tasneem Brutch | Methods and apparatus for providing upgradeable key bindings for trusted platform modules |
US8064605B2 (en) | 2007-09-27 | 2011-11-22 | Intel Corporation | Methods and apparatus for providing upgradeable key bindings for trusted platform modules |
US9396361B2 (en) * | 2008-02-19 | 2016-07-19 | Interdigital Patent Holdings, Inc. | Method and apparatus for protecting time values in wireless communications |
US20130312125A1 (en) * | 2008-02-19 | 2013-11-21 | Interdigital Technology Corporation | Method and apparatus for secure trusted time techniques |
US8145910B1 (en) * | 2008-02-29 | 2012-03-27 | Adobe Systems Incorporated | System and method to enforce collaboration rules for timestamps of a collaboration event |
US20100250949A1 (en) * | 2009-03-31 | 2010-09-30 | Torino Maria E | Generation, requesting, and/or reception, at least in part, of token |
US8479017B2 (en) | 2010-06-21 | 2013-07-02 | Intel Corporation | System and method for N-ary locality in a security co-processor |
CN102289612A (en) * | 2010-06-21 | 2011-12-21 | 英特尔公司 | System and method for n-ary locality in a security co-processor |
EP2397959A1 (en) * | 2010-06-21 | 2011-12-21 | Intel Corporation | System and method for N-ary locality in a security co-processor |
US20130185645A1 (en) * | 2012-01-18 | 2013-07-18 | International Business Machines Corporation | Determining repeat website users via browser uniqueness tracking |
US9934310B2 (en) * | 2012-01-18 | 2018-04-03 | International Business Machines Corporation | Determining repeat website users via browser uniqueness tracking |
US10740411B2 (en) | 2012-01-18 | 2020-08-11 | International Business Machines Corporation | Determining repeat website users via browser uniqueness tracking |
US8955039B2 (en) | 2012-09-12 | 2015-02-10 | Intel Corporation | Mobile platform with sensor data security |
WO2014043056A1 (en) * | 2012-09-12 | 2014-03-20 | Intel Corporation | Mobile platform with sensor data security |
US20160182508A1 (en) * | 2014-12-23 | 2016-06-23 | Timothy J. Gresham | Identity attestation of a minor via a parent |
US10044700B2 (en) * | 2014-12-23 | 2018-08-07 | Mcafee, Llc | Identity attestation of a minor via a parent |
US11044104B2 (en) | 2018-09-05 | 2021-06-22 | International Business Machines Corporation | Data certification as a service powered by permissioned blockchain network |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9043615B2 (en) | | Method and apparatus for a trust processor |
US20050133582A1 (en) | | Method and apparatus for providing a trusted time stamp in an open platform |
Bajikar | | Trusted platform module (tpm) based security on notebook pcs-white paper |
US8478973B2 (en) | | System and method for providing a secure application fragmentation environment |
US20090282254A1 (en) | | Trusted mobile platform architecture |
US20090282261A1 (en) | | Management of a trusted cryptographic processor |
US20070192830A1 (en) | | Security module having access limited based upon security level of code seeking access |
WO2016195880A1 (en) | | System, apparatus and method for controlling multiple trusted execution environments in a system |
US8369526B2 (en) | | Device, system, and method of securely executing applications |
JP2007516670A (en) | | Method and apparatus for implementing subscriber identity module (SIM) functions on an open platform |
KR20080068759A (en) | | Mobile security system and method |
CN110383240B (en) | | Method and apparatus for containerized secure computing resources |
US9563754B2 (en) | | Method of generating a structure and corresponding structure |
US20050288056A1 (en) | | System including a wireless wide area network (WWAN) module with an external identity module reader and approach for certifying the WWAN module |
US20020144121A1 (en) | | Checking file integrity using signature generated in isolated execution |
WO2022256128A1 (en) | | Firmware policy enforcement via a security processor |
EP3586234B1 (en) | | Methods and apparatus for controlling access to secure computing resources |
Karageorgos et al. | | Chip-to-chip authentication method based on SRAM PUF and public key cryptography |
US20060099991A1 (en) | | Method and apparatus for detecting and protecting a credential card |
Eletriby et al. | | High performance Java Card operating system |
Han et al. | | Design and implementation of a portable TPM scheme for general-purpose trusted computing based on EFI |
Francis et al. | | TPM: A More Trustworthy Solution to Computer Security |
Karger et al. | | Designing a Secure Smart Card Operating System |
Karger et al. | | Design of a Secure Smart Card Operating System for Pervasive Applications |
Bradl | | Trusted computing: integrating trust and security into computer platforms |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| AS | Assignment | Owner name: INTEL CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BAJIKAR, SUNDEEP M.;REEL/FRAME:014841/0521 Effective date: 20031219 |
| STCB | Information on status: application discontinuation | Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |